Wenbo Guo,Shuguo Li

DOI: https://doi.org/10.1109/tcsi.2023.3306347

2023-01-01

Abstract:The attack on quantum computers is an enormous threat to conventional public-key cryptography. Hence, it is crucial to study quantum-resistant cryptosystems. After four rounds of evaluation, the National Institute of Standards and Technology (NIST) has decided to standardize CRYSTALS-Kyber as one of the public-key post-quantum cryptography (PQC) algorithms. In the hardware design of CRYSTALS-Kyber, the polynomial-related calculations are the most time-consuming. In this paper, we present a highly-efficient hardware architecture for CRYSTALS-Kyber. Firstly, we propose the CRYSTALS-Kyber-oriented conflict-free memory mapping scheme with two modes. Based on this scheme, we construct the mixed radix-2/4 NTT/INTT algorithm, which has no pre- or post-processing, for the first time. By using the “lazy-last-layer” trick, the available memory bandwidth of NTT is temporarily increased, and the average performance of NTT is improved. Besides, the point-wise-multiplication (PWM) is performed in a single memory bank by cooperating with the two modes of our memory mapping scheme. This avoids the waste of memory bandwidth, thus avoiding the usage of large FIFOs for the sampled data. Last, we propose an efficient modular multiplier for CRYSTALS-Kyber, and we merge the divide-by-2 operations in the finite field into modular adders and subtractors to reduce resource consumption. This design, which supports all three security levels, is implemented on Xilinx Artix-7 FPGA with 7.3k LUTs, 3.2k FFs, 2.2k Slices, 5 BRAMs, and 4 DSPs. It performs 12% better in area-time-product than other leading designs in the literature.

Zewen Ye,Ruibing Song,Hao Zhang,Donglong Chen,Ray Chak-Chung Cheung,Kejie Huang

DOI: https://doi.org/10.46586/tches.v2024.i2.130-153

2024-01-01

Abstract:Lattice-Based Cryptography (LBC) schemes, like CRYSTALS-Kyber and CRYSTALS-Dilithium, have been selected to be standardized in the NIST Post-Quantum Cryptography standard. However, implementing these schemes in resourceconstrained Internet-of-Things (IoT) devices is challenging, considering efficiency, power consumption, area overhead, and flexibility to support various operations and parameter settings. Some existing ASIC designs that prioritize lower power and area can not achieve optimal performance efficiency, which are not practical for battery-powered devices. Custom hardware accelerators in prior co-processor and processor designs have limited applications and flexibility, incurring significant area and power overheads for IoT devices. To address these challenges, this paper presents an efficient lattice-based cryptography processor with customized Single-Instruction-Multiple-Data (SIMD) instruction. First, our proposed SIMD architecture supports efficient parallel execution of various polynomial operations in 256-bit mode and acceleration of Keccak in 320-bit mode, both utilizing efficiently reused resources. Additionally, we introduce data shuffling hardware units to resolve data dependencies within SIMD data. To further enhance performance, we design a dual-issue path for memory accesses and corresponding software design methodologies to reduce the impact of data load/store blocking. Through a hardware/software co-design approach, our proposed processor achieves high efficiency in supporting all operations in lattice-based cryptography schemes. Evaluations of Kyber and Dilithium show our proposed processor achieves over 10x speedup compared with the baseline RISC-V processor and over 5x speedup versus ARM Cortex M4 implementations, making it a promising solution for securing IoT communications and storage. Moreover, Silicon synthesis results show our design can run at 200 MHz with 2.01 mW for Kyber KEM 512 and 2.13 mW for Dilithium 2, which outperforms state-of-the-art works in terms of PPAP (Performance x Power x Area).

Yiming Huang,Miaoqing Huang,Zhongkui Lei,Jiaxuan Wu

DOI: https://doi.org/10.1587/elex.17.20200234

2020-09-10

IEICE Electronics Express

Abstract:This paper presents a pure hardware implementation of CRYSTALS-KYBER algorithm on Xilinx FPGAs. CRYSTALS-KYBER is one of 26 candidate algorithms in Round 2 of NIST Post-Quantum Cryptography (PQC) standardization process. The proposed design focuses on maximizing resource utilization by reusing most of the functional modules in the encapsulation and decapsulation processes of the algorithm. For instance, the hash module integrates several different hash functions in one module. Efficient parallel and pipelined computations are applied in the NTT module. Through the analysis of simulation and synthesis results, it is found that the proposed work has the advantages of higher frequencies and lower execution times. The scheme operates at 155 MHz and 192 MHz frequencies on Xilinx Artix-7 and Virtex-7 FPGAs, respectively. Compared with the performance of an embedded Cortex-M4 processor, the hardware implementation can achieve a maximum speedup of 129 times for encryption/decryption.

Xavier Carril,Charalampos Kardaris,Jordi Ribes-González,Oriol Farràs,Carles Hernandez,Vatistas Kostalabros,Joel Ulises González-Jiménez,Miquel Moretó

DOI: https://doi.org/10.1145/3675172

IF: 2.837

2024-07-03

ACM Transactions on Reconfigurable Technology and Systems

Abstract:Many high-demand digital services need to perform several cryptographic operations, such as key exchange or security credentialing, in a concise amount of time. In turn, the security of some of these cryptographic schemes is threatened by advances in quantum computing, as quantum computer could break their security in the near future. Post-Quantum Cryptography (PQC) is an emerging field that studies cryptographic algorithms that resist such attacks. The National Institute of Standards and Technology (NIST) has selected the CRYSTALS-Kyber Key Encapsulation Mechanism and the CRYSTALSDilithium Digital Signature algorithm as primary PQC standards. In this paper, we present FPGA-based hardware accelerators for high-volume operations of both schemes. We apply High-Level Synthesis (HLS) for hardware optimization, leveraging a batch processing approach to maximize the memory throughput, and applying custom HLS logic to specific algorithmic components. Using reconfigurable field-programmable gate arrays (FPGAs), we show that our hardware accelerators achieve speedups between 3x and 9x over software baseline implementations, even over ones leveraging CPU vector architectures. Furthermore, the methods used in this study can also be extended to the new CRYSTALS-based NIST FIPS drafts, ML-KEM and ML-DSA, with similar acceleration results.

computer science, hardware & architecture

Wenbo Guo,Shuguo Li,Liang Kong

DOI: https://doi.org/10.1109/tcsii.2021.3103184

2022-01-01

Abstract:Quantum algorithms pose a huge threat to the current cryptosystems. In this article, we present a hardware implementation of CRYSTALS-KYBER which is one of the post-quantum cryptosystems based on the Module-LWE problem. Using the proposed modular reduction algorithm, modified modular adder and the reconfigurable data path, the design shares the computing resource for different polynomial related operations, and achieves higher degree of parallelism. Our design is implemented on a Xilinx Artix-7 FPGA. Compared with the leading hardware implementations, our design is more compact, the execution time is shorter, and it significantly consumes fewer registers.

Wenbo Guo,Shuguo Li

DOI: https://doi.org/10.1109/tc.2023.3320040

IF: 3.183

2023-01-01

IEEE Transactions on Computers

Abstract:Facing the threat of large-scale quantum computers to traditional public-key cryptography, the National Institute of Standards and Technology has conducted Post-Quantum Cryptography algorithms evaluation for a long time, and CRYSTALS-Kyber has been selected to enter the standardization process. In the previous literature, hardware designs can significantly improve the performance of CRYSTALS-Kyber, and the most time-consuming operations are Number Theoretic Transform (NTT) and point-wise multiplication (PWM). However, the split-radix algorithm, which has a lower theoretical complexity in the FFT, has rarely been studied in the NTT. In this paper, we studied whether there are advantages of introducing split-radix algorithms into the NTT defined by CRYSTALS-Kyber and detailed derived the split-radix algorithms for the forward and inverse NTT without pre- or post-processing. By further optimizing the split-radix algorithm for the forward NTT, one of the three modular multipliers in the $\boldsymbol{L}$L-shaped butterfly unit is replaced by shifting-and-addition, which will reduce the hardware resource consumption. Besides, we proposed a recombined formula for PWM, which reduces the capacity of the intermediate data RAM for PWM by 25%. Together with the proposed hardware scheduling method, the above algorithms can improve performance and save hardware resources.

Trong-Hung Nguyen,Binh Kieu-Do-Nguyen,Cong-Kha Pham,Trong-Thuc Hoang

DOI: https://doi.org/10.1109/access.2024.3371581

IF: 3.9

2024-03-12

IEEE Access

Abstract:The efficiency of polynomial multiplication execution majorly impacts the performance of lattice-based post-quantum cryptosystems. In this research, we propose a high-speed hardware architecture to accelerate polynomial multiplication based on the Number Theoretic Transform (NTT) in CRYSTAL-Kyber and CRYSTAL-Dilithium. We design a Digital Signal Processing (DSP) architecture for modular multiplication in butterfly and Point-Wise Multiplication (PWM) operations. Our method reduces the critical path delay of an -bit multiplier to that of a ( -2)-bit adder, optimizing both area and speed. These dedicated DSPs are employed in butterfly and PWM operations, completely eliminating the pre-process and post-process of NTT transforms. Furthermore, we introduce a novel unified pipelined architecture for the NTT and Inverse NTT (INTT) transformations of Kyber and Dilithium, with corresponding high-speed (Radix-2) and ultra-high-speed (Radix-4) versions. Lastly, we construct a complete hardware accelerator for polynomial matrix-vector multiplication in Kyber. The Field-Programmable Gate Array (FPGA) implementation results have proven that our designs have significantly improved execution time by – for the NTT transforms in Dilithium and – for Kyber polynomial multiplication, compared to previous studies reported to date. Additionally, the hardware footprint results indicate that our proposed architectures exhibit superior hardware performance in Area-Time-Product (ATP), corresponding to a 44%–96% improvement. The proposed architectures are efficient and well-suited for high-performance lattice-based cryptography systems.

computer science, information systems,telecommunications,engineering, electrical & electronic

Suraj Mandal,Debapriya Basu Roy

2023-11-08

Abstract:Large-degree polynomial multiplication is an integral component of post-quantum secure lattice-based cryptographic algorithms like CRYSTALS-Kyber and Dilithium. The computational complexity of large-degree polynomial multiplication can be reduced significantly through Number Theoretic Transformation (NTT). In this paper, we aim to develop a unified and shared NTT architecture that can support polynomial multiplication for both CRYSTALS-Kyber and Dilithium. More specifically, in this paper, we have proposed three different unified architectures for NTT multiplication in CRYSTALS-Kyber and Dilithium with varying numbers of configurable radix-2 butterfly units. Additionally, the developed implementation is coupled with a conflict-free memory mapping scheme that allows the architecture to be fully pipelined. We have validated our implementation on Artix-7, Zynq-7000 and Zynq Ultrascale+ FPGAs. Our standalone implementations for NTT multiplication for CRYSTALS-Kyber and Dilithium perform better than the existing works, and our unified architecture shows excellent area and timing performance compared to both standalone and existing unified implementations. This architecture can potentially be used for compact and efficient implementation for CRYSTALS-Kyber and Dilithium.

Hardware Architecture,Cryptography and Security

Stefano Di Matteo,Ivan Sarno,Sergio Saponara

DOI: https://doi.org/10.1109/access.2024.3367109

IF: 3.9

2024-02-28

IEEE Access

Abstract:This paper presents the design and FPGA implementation of a hardware accelerator for the Post-Quantum CRYSTALS-Kyber and CRYSTALS-Dilithium algorithms, named CRYPHTOR (CRYstals Polynomial HW acceleraTOR). The proposed architecture includes a unified memory arrangement and dedicated ALUs for Kyber and Dilithium, capable of accelerating several polynomial operations such as Number Theoretic Transform (NTT), Inverse NTT, Coefficient-Wise Multiplication (CWM), modular addition and subtraction, modular reduction, and the multiply-accumulate operation. CRYPHTOR has been integrated into two SoCs: one based on a 64-bit RISC-V processor and the other on a 32-bit RISC-V microcontroller. In these configurations, up to 26x and 300x of speedup has been obtained for the NTT, and up to 30x and 140x of speedup for the matrix-vector multiplication compared to the software implementation running on the RISC-V processors.

computer science, information systems,telecommunications,engineering, electrical & electronic

Luke Beckwith,Duc Tri Nguyen,Kris Gaj

DOI: https://doi.org/10.1109/icfpt52863.2021.9609917

2021-12-06

Abstract:Many currently deployed public-key cryptosystems are based on the difficulty of the discrete logarithm and integer factorization problems. However, given an adequately sized quantum computer, these problems can be solved in polynomial time as a function of the key size. Due to the future threat of quantum computing to current cryptographic standards, alternative algorithms that remain secure under quantum computing are being evaluated for future use. One such algorithm is CRYSTALS-Dilithium, a lattice-based digital signature scheme, which is a finalist in the NIST Post Quantum Cryptography (PQC) competition. As a part of this evaluation, high-performance implementations of these algorithms must be investigated. This work presents a high-performance implementation of CRYSTALS-Dilithium targeting FPGAs. In particular, we present a design that achieves the best latency for an FPGA implementation to date. We also compare our results with the most-relevant previous work on hardware implementations of NIST Round 3 post-quantum digital signature candidates.

Cankun Zhao,Neng Zhang,Hanning Wang,Bohan Yang,Wenping Zhu,Zhengdong Li,Min Zhu,Shouyi Yin,Shaojun Wei,Leibo Liu

DOI: https://doi.org/10.46586/tches.v2022.i1.270-295

2021-01-01

IACR Transactions on Cryptographic Hardware and Embedded Systems

Abstract:The lattice-based CRYSTALS-Dilithium scheme is one of the three thirdround digital signature finalists in the National Institute of Standards and Technology Post-Quantum Cryptography Standardization Process. Due to the complex calculations and highly individualized functions in Dilithium, its hardware implementations face the problems of large area requirements and low efficiency. This paper proposes several optimization methods to achieve a compact and high-performance hardware architecture for round 3 Dilithium. Specifically, a segmented pipelined processing method is proposed to reduce both the storage requirements and the processing time. Moreover, several optimized modules are designed to improve the efficiency of the proposed architecture, including a pipelined number theoretic transform module, a SampleInBall module, a Decompose module, and three modular reduction modules. Compared with state-of-the-art designs for Dilithium on similar platforms, our implementation requires 1.4×/1.4×/3.0×/4.5× fewer LUTs/FFs/BRAMs/DSPs, respectively, and 4.4×/1.7×/1.4× less time for key generation, signature generation, and signature verification, respectively, for NIST security level 5.

Zhuo Chen,Duoli Zhang,Zhenmin Li,Gaoming Du,Xiaolei Wang

DOI: https://doi.org/10.1145/3649476.3658794

2024-06-12

Abstract:In the post-quantum signature CRYSTALS-Dilithium algorithm, polynomial multiplication accounts for 32% of the total computation Latency. It is necessary to design a high-performance polynomial multiplication module. In this paper, we have proposed a low-Latency polynomial multiplier. First, we insert registers in the Radix-2 Multi-path Delay Commutator (R2MDC) structure to increase clock frequency. Additionally, to further enhance the computational clock frequency, we have designed a five-stage pipelined Butterfly unit. Secondly, we have proposed a fully pipelined polynomial multiplier that supports polynomial point-wise multiplication during NTT/INTT transformations to save a significant number of cycles. We also designed a configurable Polynomial Pointwise Multiplication (PPM) module that supports calculations with three different security levels. Our polynomial multiplier structure is implemented on the K7 model of FPGA. Compared to the currently fastest design in terms of computational speed, we have saved between 13% and 39% of the computation latency.

Engineering,Computer Science

Liejun Ma,Xingjun Wu,Guoqiang Bai

DOI: https://doi.org/10.1109/cisce52179.2021.9445987

2021-01-01

Abstract:With the development of quantum information theory, classical cryptographical schemes will be threatened. CRYSTALS-KYBER (KYBER) is a kind of lattice-based post quantum cryptographical algorithms which can resist the quantum attack to a large extent. The polynomial multiplication is the most computationally intensive operation in the KYBER algorithm. In this paper, we proposed a Number Theoretic Transformation (NTT) implementation strategy to speed up the polynomial multiplication in FPGA platform. We optimized the structure by adopting a parallel approach, this can further reduce the NTT iteration time and achieve better performance.

Yifan Zhao,Honglin Kuang,Yi Sun,Zhen Yang,Chen,Jianyi Meng,Jun Han

DOI: https://doi.org/10.1109/asap57973.2023.00014

2023-01-01

Abstract:We present a cryptography extension built on RISC-V Vector Extension for efficient application of lattice-based post-quantum cryptography, offering custom instructions that can perform vectorized operations on polynomials of variable length and data width. We use micro-operation architecture to simplify the execution of variable-latency vector instructions and propose fracturable modular arithmetic units to support operations on variable coefficient width. On this basis, a vector unit is designed, achieving significant speed-up compared to the state-of-the-art counterparts for number-theoretic-transform-based polynomial multiplication. This cryptography extension is further integrated into the gem5 simulator to evaluate CRYSTALS-Kyber and CRYSTALS-Dilithium; results outperform the state-of-the-art implementations with more than 2.3 × improvement in cycle count.

Aobo Li,Dongsheng Liu,Cong Zhang,Xiang Li,Shuo Yang,Xingjie Liu,Jiahao Lu,Xuecheng Zou,Ang Hu,Tianming Ni

DOI: https://doi.org/10.1109/tii.2022.3195743

IF: 12.3

2022-12-17

IEEE Transactions on Industrial Informatics

Abstract:Progress of quantum computing technology seriously threaten the industrial information security based on traditional public-key cryptosystem. Thus, the cryptosystem with anti-quantum attack characteristics is gradually becoming a significant research in the security field. In this article, a flexible and high-performance secure coprocessor is designed for security in industrial processes, which can execute the post-quantum cryptographic algorithm Saber efficiently. Custom instruction set and arithmetic accelerators are proposed to effectively optimize the flexibility of system architecture, and improve the performance of calculation. The hardware implementation results show that the maximum operating frequency of the coprocessor can reach 345 MHz. Compared with related state-of-the-art works, it achieves the highest operating frequency on the same Xilinx UltraScale+ FPGA platform, performing the encryption and decryption operations within 13.5 and 15.4 μs, respectively. Meanwhile, this article achieves 1.7/3.1/5.9× area-time product improvements in look-up table flip-flop block memory storage with good flexibility.

automation & control systems,computer science, interdisciplinary applications,engineering, industrial

Leibo Liu,Hang Zhao,Shaojun Wei,Wenping Zhu,Cankun Zhao,Bohan Yang

DOI: https://doi.org/10.1109/HOST55342.2024.10545379

2024-05-06

Abstract:CRYSTALS-Dilithium has been declared as the first recommended digital signature algorithm in NIST Post-Quantum Cryptography Standardization. The advancement of high-speed hardware research for Dilithium is propelled by the need for real-time processing of extensive data in numerous digital signature applications. To address the slow signature generation speed issue, a two-stage pipeline structure was developed to accelerate the underlying rejection loop, at a cost of substantial resource consumption. In this paper, we present the first analysis on the possibility of leveraging sparse multiplication in the second stage, which can reduce the bit complexity of corresponding multiplications by over 85% and lower the storage requirements for the secret key by over 68%. Building on this, we propose a sparse computing core and a high-speed hybrid architecture for Dilithium, with an efficient scheduling mechanism and optimized modules. Compared to state-of-the-art high-speed implementations on similar platforms, the signature generation speed is at least 2x faster. Meanwhile, the area-time-products of signature generation achieve 3.6x/4.3x/2.0x/2.1x improvement in terms of LUT/FF/DSP/BRAM, respectively.

Engineering,Computer Science

Naina Gupta,Gautam Jha,A. Chattopadhyay,Arpan Jati

DOI: https://doi.org/10.1109/TCSI.2023.3274599

2023-08-01

Abstract:The looming threat of an adversary with quantum computing capability led to a worldwide research effort towards identifying and standardizing novel post-quantum cryptographic primitives. Post-standardization, all existing security protocols will need to support efficient implementation of these primitives. In this work, we contribute to these efforts by reporting the smallest implementation of CRYSTALS-Dilithium, one of the chosen post-quantum digital signature scheme for NIST standardization process. By invoking multiple optimizations to leverage parallelism, pre-computation and memory access sharing, we obtain an implementation that could be fit into one of the smallest Zynq FPGA. On Zynq Ultrascale+, our design achieves an improvement of about 36.7%/35.4%/42.3% in Area<inline-formula> <tex-math notation="LaTeX">$\times $ </tex-math></inline-formula>Time (LUTs<inline-formula> <tex-math notation="LaTeX">$\times \text{s}$ </tex-math></inline-formula>) trade-off for KeyGen/Sign/Verify respectively over state-of-the-art implementation. We also evaluate our design as a co-processor on three different hardware platforms and compare the results with software implementation, thus presenting a detailed evaluation of CRYSTALS-Dilithium targeted for embedded applications. Further, on ASIC using TSMC 65nm technology, our design requires 0.227mm² area and can operate at a frequency of 1.176 GHz. As a result, it only requires <inline-formula> <tex-math notation="LaTeX">$53.7\mu \text{s}/96.9\mu \text{s}/57.7\mu \text{s}$ </tex-math></inline-formula> for KeyGen/Sign/Verify operation for the best-case scenario.

Engineering,Computer Science

Yihong Zhu,Wenping Zhu,Yi Ouyang,Junwen Sun,Min Zhu,Qi Zhao,Jinjiang Yang,Chen Chen,Qichao Tao,Guang Yang,Aoyang Zhang,Shaojun Wei,Leibo Liu

DOI: https://doi.org/10.1109/ISSCC49657.2024.10454332

2024-01-01

Abstract:The migration towards post-quantum cryptography (PQC) is in progress to secure communications and transactions against the impending quantum threat, while three key-encapsulation mechanisms (KEM) and one digital signature (DS) scheme are being standardized by NIST [1]. This multi-year migration poses serious challenges to PQC implementations for compatibility and performance requirements in various scenarios and settings: 1) Performance limitations caused by diverse computation patterns and relatively higher computation costs. 2) Crypto-agility resulting from different mathematical problems, various security parameters, or even different standardization bodies. 3.) Domain-specific optimization to address the long-term security of the evolving algorithm families. However, most existing PQC accelerators [2, 3, 5] were only customized for specific algorithms based on unique mathematical problems. The latest configurable PQC processor [4] did not support Falcon and Sphincs+, which are being drafted for standardization. To address this issue, a versatile PQC processor fabricated in 28nm is presented with three key features: 1) task-clustering-based architecture for scalable processing with aggressive parallelism; 2) region-based task-path (TP) with dynamic update for agile cryptographic computing; 3) efficient PQC task-operators (TO), including hash/sample, format, floating-point/complex, encoding/decoding operators, for further improvements on throughput and energy-efficiency. Based on these contributions, the proposed chip supports all predominant schemes in NIST’s PQC standardization, while still delivering 44.6% and 10.3% improvements in the throughput and energy-delay product (EDP), respectively, relative to a state-of-the-art design [4].

Weihang Tan,Yingjie Lao,Keshab K. Parhi

DOI: https://doi.org/10.1109/ICCAD57390.2023.10323839

2023-10-07

Abstract:CRYSTAL-Kyber (Kyber) is one of the post-quantum cryptography (PQC) key-encapsulation mechanism (KEM) schemes selected during the standardization process. This paper addresses optimization for Kyber architecture with respect to latency and throughput constraints. Specifically, matrix-vector multiplication and number theoretic transform (NTT)-based polynomial multiplication are critical operations and bottlenecks that require optimization. To address this challenge, we propose an algorithm and hardware co-design approach to systematically optimize matrix-vector multiplication and NTT-based polynomial multiplication by employing a novel sub-structure sharing technique in order to reduce computational complexity, i.e., the number of modular multiplications and modular additions/subtractions consumed. The sub-structure sharing approach is inspired by prior fast parallel approaches based on polyphase decomposition. The proposed efficient feed-forward architecture achieves high speed, low latency, and full utilization of all hardware components, which can significantly enhance the overall efficiency of the Kyber scheme. The FPGA implementation results show that our proposed design, using the fast two-parallel structure, leads to an approximate reduction of 90% in execution time, along with a 66 times improvement in throughput performance.

Cryptography and Security,Hardware Architecture

Wentao Xi,Xingjun Wu,Kai Zhang

DOI: https://doi.org/10.1145/3638782.3638800

2024-01-01

Abstract:The development of quantum computers has introduced a significant threat to the security of traditional cryptographic algorithms. To address this challenge, post-quantum cryptographic algorithms (PQC) have been developed, offering robust resistance against attacks from quantum computers. The hash operation plays a critical role in many PQC algorithms based on lattice ciphers and represents a substantial resource-consuming component in algorithm implementations. In this paper, we propose a novel circuit structure for hash implementation in FPGA platform. Our design integrates the hash operations of Kyber and Dilithium by reusing a shared Keccak unit and achieves different hash operation modes through parameter configuration in the control unit. Furthermore, we introduce a novel pipeline structure that multiplexes two sets of pipeline registers with an unfolding factor of 1. This innovative approach significantly reduces hardware resource consumption while satisfying the performance requirements of the algorithm. The proposed architecture, implemented on the Kintex-7 FPGA, utilizes 7376 LUTs, 3059 FFs, and 4 DSPs. Compared to the existing state-of-the-art designs, our design reduces about 40.2% of LUT resources, and 14.1% of Flip Flops resources. Additionally, it achieves 391MHZ clock frequency and finishes Keccak operations in 0.123μs. As a result, our design offers a low-cost, configurable hash computing circuit architecture with relatively excellent performance.